Next Event - 14th Nov 2019 - Madejski Football Stadium, Reading

Europe is now covered by the world's strongest data protection rules. The mutually agreed General Data Protection Regulation (GDPR) came into force on May 25, 2018, and was designed to modernise laws that protect the personal information of individuals. Companies covered by the GDPR are accountable for their handling of people's personal information. This can include having data protection policies, data protection impact assessments and having relevant documents on how data is processed. One of the biggest, and most talked about, elements of the GDPR has been the ability for regulators to fine businesses that don't comply with it. If an organisation doesn't process an individual's data in the correct way, it can be fined. If it requires and doesn't have a data protection officer, it can be fined. If there's a security breach, it can be fined. In the UK, these monetary penalties will be decided upon by Denham's office and the GDPR states smaller offences could result in fines of up to €10 million or two per cent of a firm's global turnover (whichever is greater). Those with more serious consequences can have fines of up to €20 million or four per cent of a firm's global turnover (whichever is greater). These are larger than the £500,000 penalty the ICO could previously issue.

Next Event - 14th Nov 2019 - Madejski Football Stadium​

Use the below buttons/tags to filter the sessions that are of interest to you


A new paradigm for data protection

Ardi Kolah - Data Protection Officer at Hitachi Consulting

In the session Ardi will describe how GDPR forces us to press the reset button and look at reviewing and measuring the maturity level of your Data Governance."


GDPR In The Real World – The Devil in the Detail of Consent

Mike Bohndiek - CIO/ CTO at Sports & Stadia Portfolio

The sporting world throws up a range of GDPR challenges. From fan consents to the holding of player medical records. From working with minors through the academy structures to the interaction between clubs and their foundations. Mike Bohndiek, Managing Director at PTI Consulting – a specialist sports technology and compliance advisory group – will share insight from their client base which ranges from the Ryder Cup to Premiership Rugby clubs and a wealth of football clubs.


Roxanne Morison - Head of Digital Policy at CBI (Confederation of British Industry)

Hooked on being at the heart of the big policy debates of the technology era. Extensive UK and EU digital & tech public policy knowledge, track record of developing campaigns from inception to launch and engaging government and stakeholders across industry.


Ben Westwood - Associate Director, Privacy and Data Protection at IHS Markit

Pragmatic and creative privacy professional with a passion for privacy and data protection. Over seven years’ experience, including three years of General Data Protection Regulation (GDPR) implementation along with regular speaking engagements at European privacy and GDPR conferences.


William Richmond - Coggan - Director at Freeths

Director in the dispute resolution team at Freeths LLP, a leading national firm, working primarily from their Oxford office. I specialise in:

  • contentious and non-contentious data privacy work, including GDPR and ePrivacy
  • high value complex technology disputes
  • contentious trust and probate law
  • negligence claims against professional advisers
  • litigation with an off-shore component
  • defamation proceedings

I am a solicitor-advocate with higher rights of audience enabling me to conduct trial advocacy up to Court of Appeal level, and have considerable experience of advocacy at County Court and High Court levels. Until 2018 I was the Chair of the Solicitors Association of Higher Court Advocates and remain an active committee member.


Pulina Whitaker - Partner at Morgan, Lewis & Bockius LLP

Specialties: Employment, benefits, data protection, investigations


Steve Wright - GDPR Advisor at Bank of England

I've spent more than 25 years learning in IT (the last 8 in Legal and Finance), but all the time designing, developing, managing (mainly people) and delivering transformational data governance, privacy and security programmes, but my role at John Lewis proved a great test of my skills.

At John Lewis, I was fortunate enough to be in the unique position of reporting directly into the Group Financial Director (CFO), but answerable to the Board and Audit & Risk Committee. This empowered me to ensure that when it came to data privacy and data security compliance, I was able to set the strategy, policy, direction and the tone (rate) of change necessary to take that great British icon into its optimal position of leveraging the data it collects, whilst at the same time protecting the rights of customers and Partners, by ensuring legal and regulatory compliance, delivering and enhancing Privacy and Security capabilities - whilst ensuring Trust and Transparency remains at the heart of our fantastic Brands - Waitrose and John Lewis.